Mozilla / Firefox Spoofing Security Issue 2005-02-07

[zoodayz]

Just thought I would pass this info on to otheres that may or may not know about it for Mozilla 1.7.x MozillaFirefox 0.x
Mozilla Firefox 1.x
Have a look at the test!
http://secunia.com/advisories/14163/

Be carefull! ZoodayZ...

Yes, however, there is a workaround. Type about:config into the browser address bar and hit the enter key.
Look for the following entry: network.enableIDN
Highlight that entry and double-click it to change the boolean value from true to false.
This will disallow a malicious webpage, that attempts to exploit this vulnerability, to load at all.
I have tried it on a test webpage and it stops the exploit from working by not allowing the exploit webpage to load

[mcg]

This is a temporary workaround, because if you install a new extension, the network.enableIDN takes its old value, no matter what it writes in the about:config tab. The real solution is to edit the ~/.mozilla/firefox/xxxxxxxx.default/compreg.dat file by hand and change this string:

Code:

@mozilla.org/network/idn-service;1,{62b778a6-bce3-456b-8c31-2865fbb68c91}

to this :

Code:

@mozilla.org/network/idn-service;0,{62b778a6-bce3-456b-8c31-2865fbb68c91}

mcg: Thank you for that tip

[Jman]

Subtle! I didn't even notice the strange character in the test, and I usually notice things like that.

[RedFedora]

Seems the web browser I use (Opera) is also vunerable. Any known work arounds for Opera yet?

[bob]

According to Digg, the 2/10/05 build of Mozilla and Firefox has corrected the security issue. Available here: http://ftp.mozilla.org/pub/mozilla.o...t-aviary1.0.1/